<?php
include_once('common/header.php');	
if($AppUI->id <= 0 || !isset($_SERVER['HTTP_REFERER'])) {	
	Vfriend_Function::redirect(HOST_VFRIEND);
}
$strRefer			= isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$intAction			= $objRequest->getParam('act',0);
$strFullname		= '';
if(!isset($intAction) || $intAction == 0 ) {
	$intUserId		= Vfriend_Function::base64D($objRequest->getParam('puserid',0));
	$strFullname	= $objRequest->getParam('pfullname','');
	$strToken		= $objRequest->getParam('ptoken','');
	$strTok			= $intUserId . '_' . $AppUI->id;
	$strSession		= isset($_SESSION['blacklist' . $strTok]) ? $_SESSION['blacklist' . $strTok] : '';
	$intError		= 0;
	if($intUserId && Vfriend_Function::isValidLink($strRefer) && $strToken != '' && $strSession != '' && $strSession == $strToken) {
		unset($_SESSION['blacklist' . $strTok]);
		if($intUserId != $AppUI->id) {
			$objURequest	= new URequest();
			$intError		= $objURequest->addBlacklist($AppUI->id,$intUserId);
			if($intError == 0) {
				$strMessage	= $arrMessage[2];
				$strMessage	= str_replace('[strFullname]',$strFullname,$strMessage);
				Vfriend_Function::setMsg($strMessage);
			} else {
				$intError = 7;
			}
		} else {
			$intError = 6;
		}
	} else {
		$intError	= 1;
	}	
} else {
	$intUserId		= Vfriend_Function::base64D($objRequest->getParam('uid',''));
	$strToken		= $objRequest->getParam('token','');
	$strSession		= isset($_SESSION['removeBlacklist' . $intUserId]) ? $_SESSION['removeBlacklist' . $intUserId] : '';
	$intError		= 0;
	if($intUserId && Vfriend_Function::isValidLink($strRefer) && $strToken != '' && $strSession != '' && $strSession == $strToken) {
		unset($_SESSION['removeBlacklist' . $intUserId]);
		$objURequest	= new URequest();
		$intError		= $objURequest->deleteBlacklists($AppUI->id,$intUserId);
		if($intError == 0) {
			Vfriend_Function::setMsg($arrMessage[25]);
		} else {
			$intError = 33;
		}
	} else {
		$intError	= 1;
	}
}
if($intError > 0) {
	$strError	= $arrError[$intError];
	if($strFullname != '') {
		$strError	= str_replace('[strFullname]',$strFullname,$strError);
	} else {
		$strError	= str_replace('[strFullname]','',$strError);
	}
	Vfriend_Function::setError($strError);
}
Vfriend_Function::redirect(isset($strRefer) ? $strRefer : HOST_VFRIEND);
?>